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DETAILED ACTION 



1. 



This action is in reply to applicant's correspondence of 27 October 2005. 



2. 



Claims 1- 12 are pending for examination. 



3. 



Claims 1-12 remain rejected. 



Claim Rejections - 35 USC §102 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 



Claims 1-12 are rejected under 35 U.S.C. 102(e) as being anticipated by Teal et al, U.S. 
Patent Application Publication US 2003/0120935 Al. 



processing environment comprising [para. 0002-0106, figures 1-3 and associated descriptions]: 



system kernel within a user client device [para. 0002-0106, figures 1-3 and associated 
descriptions, whereas the trapping of calls to the operating system (i.e., para. 0038- 
0042,0061,0067,0074-0077) clearly encompasses the memory access functions (i.e., 
read/write/modify per se, both at the application level to the operating system levels/layers) in all 
associated address spaces, as broadly interpreted by the examiner.]; 



4. 



As per claim 1 ; "An agent process for controlling access to digital assets in a data 



sensing atomic level asset access events, the sensing step located within an operating 
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aggregating multiple atomic level events to determine a combined event [para. 0002- 
0106, figures 1-3 and associated descriptions, whereas the trapping of calls to the operating 
system and subsequent logging/analysis/resulting operational restrictions on access (i.e., to 
applications execution per se), and system configuration functions (i.e., para. 0038-0045,0049- 
0051,0067-0075,0100-0106) clearly encompasses the "aggregating multiple atomic level events 
. . . combined event as broadly interpreted by the examiner.]; and 

asserting an encryption policy if a at least one combined event has occurred that matches 
a predefined digital asset usage risk policy [para. 0002-0106, figures 1-3 and associated 
descriptions, whereas the trapping of calls to the operating system and subsequent 
logging/analysis/resulting operational restrictions (i.e., encryption/authentication of code, etc.,) 
on access (i.e., to applications execution per se), and system configuration functions (i.e., para. 
0038-0051,0069-0072,0078-0106) clearly encompasses the "...encryption ... event has occurred 
. . . usage risk policy . . .", as broadly interpreted by the examiner.].". 

5. Claim 2 additionally recites the limitation that; "A process as in claim 1 wherein the step 
of asserting the encryption policy is implemented in an operating system kernel of the client user 
device.". 

The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system (clearly at the 
kernel level of the operating system) and subsequent logging/analysis/resulting operational 
restrictions (i.e., encryption/authentication of code, etc.,) on access (i.e., to applications 
execution per se), and system configuration functions (i.e., para. 0038-0051,0069-0072,0078- 
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0106) of both client/server, and network processing elements per se, clearly encompasses the 

. . encryption policy . . . kernel . . . client user device . . as broadly interpreted by the 
examiner.). 

6. Claim 3 additionally recites the limitation that; "A process as in claim 1 additionally 
comprising: 

encrypting an associated digital asset.". 
The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system and 
subsequent operational restrictions (i.e., encryption/authentication of code, etc.,) on access, and 
system configuration functions (i.e., para. 0038-0051,0069-0072,0078-0106) of both 
client/server, and network processing elements per se, clearly encompasses the ". . .encrypting an 
associated digital asset", as broadly interpreted by the examiner.). 

7. Claim 4 additionally recites the limitation that; "A process as in claim 1 wherein the 
combined event is 

a time sequence of multiple atomic level events.". 
The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls (i.e., inherently a real time sequence 
of "multiple atomic level events") to the operating system and subsequent operational 
restrictions, event logging, etc., on access, and system configuration Sanctions (i.e., para. 
0008,0023-0024,0040-0041,0045,0051-0052,0067,0074-0080,0085-0089,0098-0106), clearly 
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encompasses the . .combined . . . time sequence of multiple . . . events", as broadly interpreted 
by the examiner.). 

8. Claim 5 additionally recites the limitation that; "A process as in claim 2 that 
operates independently of application software.". 

The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system and 
subsequent operational restrictions, event logging, etc., on access, and system configuration 
functions (i.e., para. 0037-0045,0051,0061,0067-0078,0100-0106), clearly encompasses the 
". . .independently of application software", as broadly interpreted by the examiner.). 

9. Claim 6 additionally recites the limitation that; "A process as in claim 1 wherein the 
sensing, 

aggregating, and 

asserting steps operate in real time.". 
The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls (i.e., inherently a real time sequence 
of "multiple atomic level events") to the operating system and subsequent operational 
restrictions, event logging, etc., on access, and system configuration functions (i.e., para. 
0008,0023-0024,0040-0041,0045,0051-0052,0067,0074-0080,0085,0089,0098-0106), clearly 
encompasses the "... sensing, aggregating, and asserting . . . real time", as broadly interpreted by 
the examiner.). 
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10. Claim 7 additionally recites the limitation that; "A process as in claim 1 additionally 
comprising: 

determining a sensitivity of a particular digital asset in the asset access event; and 
adaptive encryption to the digital asset, optionally depending upon sensitivity of the 
particular digital asset.". 
The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system and 
subsequent operational restrictions (i.e., encryption/authentication of code, etc.,) on access, and 
system configuration functions (i.e., para. 0038-0051,0069-0072,0078-0106), and, whereas the 
sensitivity corresponds to security/encryption/keying levels, clearly encompasses the 

. . sensitivity . . . asset . . . adaptive encryption sensitivity of the particular digital asset", as 

broadly interpreted by the examiner.). 

1 1 . Claim 8 additionally recites the limitation that; "A process as in claim 1 wherein the 
combined event specifies 

an action to be taken with the digital asset.". 
The teachings of Teal et al are directed towards such limitations (i.e:, para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system and 
subsequent logging/analysis/resulting operational restrictions on access (i.e., to applications 
execution per se), and system configuration functions (i.e., para. 0038-0045,0049-0051,0067- 
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0075,0100-0106) clearly encompasses the "... combined . . . action to be taken . . . asset . . .", as 
broadly interpreted by the examiner.). 

12. Claim 9 additionally recites the limitation that; "A process as in claim 2 additionally 
comprising: 

at the client user device, 

applying encryption of the encryption policy specified the digital asset to be 
encrypted.". 

The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system and 
subsequent operational restrictions (i.e., encryption/authentication of code, etc.,) on access, and 
system configuration functions (i.e., para. 0038-0051,0069-0072,0078-0106), and, whereas the 
sensitivity corresponds to security/encryption/keying levels, clearly encompasses the "...client 
. . . encryption . . . policy specified . . . asset to be encrypted", as broadly interpreted by the 
examiner.). 

13. Claim 10 additionally recites the limitation that; "A process as in claim 9 additionally 
comprising: 

forwarding the digital asset to a second client use device; and 

asserting an encryption policy at the second client use device.". 
The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system (inclusive of 
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client, client/server, networked per se configurations) and subsequent operational restrictions 
(i.e., software applications/assets in a 2 nd computer user space/memory, encryption, 
authentication of code, etc.,) on access, and system configuration functions (i.e., para. 0044- 
0053,0062-0069,0084,0100-0106), clearly encompasses the ". . .forwarding . . . second client 
. . . encryption policy . . . second client . . . ", as broadly interpreted by the examiner.). 

14. Claim 1 1 additionally recites the limitation that; "A process as in claim 10 additionally 
comprising: 

applying decryption at the second client user device". 
The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system (inclusive of 
client, client/server, networked per se configurations and functionality) and subsequent 
operational restrictions (i.e., software applications/assets in a 2 nd computer user space/memory, 
encryption, authentication of code, with subsequent decryption associated with said encryption, 
etc.,) on access, and system configuration functions (i.e., para. 0044-0053,0062-0069,0084,0100- 
0106), clearly encompasses the "... decryption . . . second client . . as broadly interpreted by 
the examiner.). 

15. Claim 12 additionally recites the limitation that; "A process as in claim 9 additionally 
comprising: 

forwarding the digital asset to a second client user device; and 
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not asserting an encryption policy at the second client user device, so that if the 
encryption policy specifies encryption, the digital asset cannot be read at the second client user 
device.". 

The teachings of Teal et al are directed towards such limitations (i.e., para. 0002-0106, figures 1- 
3 and associated descriptions, whereas the trapping of calls to the operating system (inclusive of 
client, client/server, networked per se configurations) and subsequent operational restrictions 
(i.e., software applications/assets in a 2 nd computer user space/memory, encryption, 
authentication of code, etc.,) on access, and system configuration functions (i.e., para. 0044- 
0053,0062-0069,0084,0100-0106), whereas configuration of kernel software operational to effect 
the call servicing and resulting configuration of security and encryption policies clearly 
encompasses the "... forwarding . . . second client ... not asserting an encryption . . . second client 
. . . cannot be read at the second client user device. . .", as broadly interpreted by the examiner.). 
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Response to Amendment 

16. As per applicant's argument concerning the lack of teaching by Teal et al of a client agent 
process, the examiner has fially considered in this response to amendment; the arguments, and 
finds them not to be persuasive. The Teal et al system and method (i.e., para. 0002,0005,0033) 
implemented as resident in the OS kernel (from which said system software executes) clearly 
encompasses a client agent process, as broadly interpreted by the examiner. Therefore, as being 
broadly interpreted by the examiner, as per the claim language, would therefore be applicable in 
the rejection, such that the rejection support reference collectively encompass the said claim 
limitations in their entirety. 

17. As per applicant's argument concerning the lack of teaching by Teal et al of monitoring 
of digital assets, the examiner has fully considered in this response to amendment; the 
arguments, and finds them not to be persuasive. The Teal et al system and method (i.e., para. 
0044-0045) implemented as resident in the OS kernel from which the associated OS elements, 
and linked up to the application level from a memory space context, clearly encompasses a 
protected and monitored digital asset per se, as broadly interpreted by the examiner. Therefore, 
as being broadly interpreted by the examiner, as per the claim language, would therefore be 
applicable in the rejection, such that the rejection support reference collectively encompass the 
said daim limitations in their entirety. 
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18. As per applicant's argument concerning the lack of teaching by Teal et al of encrypting 
files, the examiner has fully considered in this response to amendment; the arguments, and finds 
them not to be persuasive. The Teal et al system and method (i.e., para. 0090-0097) at the very 
least in the process of the hashing, authentication and associated implementation of security 
services in support of the kernel security, will perform said cryptographic services on files per se 
(again, at the kernel level of the OS, up to the application level; from a memory space context), 
as the typical data structure for which the cryptographic services are applied, as broadly 
interpreted by the examiner. Therefore, as being broadly interpreted by the examiner, as per the 
claim language, would therefore be applicable in the rejection, such that the rejection support 
reference collectively encompass the said claim limitations in their entirety. 

1 9. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of 
this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the 
advisory action i» not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened 
statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 . 1 36(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory 
period for reply expire later than SIX MONTHS from the mailing date of this final action. 
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Conclusion 



20. Any inquiry concerning this communication or earlier communications from examiner 
should be directed to Ronald Baum, whose telephone number is (571) 272-3861, and whose 
unofficial Fax number is (571) 273-3861. The examiner can normally be reached Monday 
through Thursday from 8:00 AM to 5:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh, can be reached at (571) 272-3795. The Fax number for the organization 
where this application is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. For more information for 
unpublished applications is available through Private PAIR only. For more information about the 
PAIR system, see http://pair-direct.uspto.gov . Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Ronald Baum 



Patent Examiner 




